On the role of roles: from role-based to role-sensitive access control

This paper maintains that for an access-control (AC) mechanism tosupport a wide range of policies, it is best to dispense with any built-insemantics for roles in the mechanism itself---be it the semantics of RBAC, orany other---leaving such semantics to be defined by particular policies. Inother words, an AC mechanism should be sensitive to roles… CONTINUE READING